Commit | Line | Data |
---|---|---|
14d4f286 S |
1 | <?php |
2 | /** | |
3 | * The Joomla based hash implementation based off of the md5-hex hash method | |
4 | * | |
5 | * It's worth noting, since there's no prefix, you cannot create a hash using | |
6 | * the factory method. | |
7 | * | |
8 | * PHP version 5.3 | |
9 | * | |
10 | * @category PHPCryptLib | |
11 | * @package Password | |
12 | * @subpackage Implementation | |
13 | * @author Anthony Ferrara <ircmaxell@ircmaxell.com> | |
14 | * @copyright 2011 The Authors | |
15 | * @license http://www.opensource.org/licenses/mit-license.html MIT License | |
16 | * @version Build @@version@@ | |
17 | */ | |
18 | ||
19 | namespace CryptLib\Password\Implementation; | |
20 | ||
21 | use CryptLib\Random\Factory as RandomFactory; | |
22 | ||
23 | /** | |
24 | * The Joomla based hash implementation based off of the md5-hex hash method | |
25 | * | |
26 | * It's worth noting, since there's no prefix, you cannot create a hash using | |
27 | * the factory method. | |
28 | * | |
29 | * @category PHPCryptLib | |
30 | * @package Password | |
31 | * @subpackage Implementation | |
32 | * @author Anthony Ferrara <ircmaxell@ircmaxell.com> | |
33 | */ | |
34 | class Joomla implements \CryptLib\Password\Password { | |
35 | ||
36 | /** | |
37 | * @var Generator The random generator to use for seeds | |
38 | */ | |
39 | protected $generator = null; | |
40 | ||
41 | /** | |
42 | * Determine if the hash was made with this method | |
43 | * | |
44 | * @param string $hash The hashed data to check | |
45 | * | |
46 | * @return boolean Was the hash created by this method | |
47 | */ | |
48 | public static function detect($hash) { | |
49 | return (boolean) preg_match('/^[a-fA-F0-9]{32}:[a-zA-z0-9]{32}$/', $hash); | |
50 | } | |
51 | ||
52 | /** | |
53 | * Return the prefix used by this hashing method | |
54 | * | |
55 | * @return string The prefix used | |
56 | */ | |
57 | public static function getPrefix() { | |
58 | return false; | |
59 | } | |
60 | ||
61 | /** | |
62 | * Load an instance of the class based upon the supplied hash | |
63 | * | |
64 | * @param string $hash The hash to load from | |
65 | * | |
66 | * @return Password the created instance | |
67 | * @throws InvalidArgumentException if the hash wasn't created here | |
68 | */ | |
69 | public static function loadFromHash($hash) { | |
70 | if (!static::detect($hash)) { | |
71 | throw new \InvalidArgumentException('Hash Not Created Here'); | |
72 | } | |
73 | return new static(); | |
74 | } | |
75 | ||
76 | /** | |
77 | * Build a new instance | |
78 | * | |
79 | * @param Generator $generator The random generator to use for seeds | |
80 | * @param Factory $factory The hash factory to use for this instance | |
81 | * | |
82 | * @return void | |
83 | */ | |
84 | public function __construct( | |
85 | \CryptLib\Random\Generator $generator = null | |
86 | ) { | |
87 | if (is_null($generator)) { | |
88 | $random = new RandomFactory(); | |
89 | $generator = $random->getMediumStrengthGenerator(); | |
90 | } | |
91 | $this->generator = $generator; | |
92 | } | |
93 | ||
94 | /** | |
95 | * Create a password hash for a given plain text password | |
96 | * | |
97 | * @param string $password The password to hash | |
98 | * | |
99 | * @return string The formatted password hash | |
100 | */ | |
101 | public function create($password) { | |
102 | $chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'; | |
103 | $salt = $this->generator->generateString(32, $chars); | |
104 | $hash = md5($password . $salt); | |
105 | return $hash . ':' . $salt; | |
106 | } | |
107 | ||
108 | /** | |
109 | * Verify a password hash against a given plain text password | |
110 | * | |
111 | * @param string $password The password to hash | |
112 | * @param string $hash The supplied ahsh to validate | |
113 | * | |
114 | * @return boolean Does the password validate against the hash | |
115 | */ | |
116 | public function verify($password, $hash) { | |
117 | if (!static::detect($hash)) { | |
118 | throw new \InvalidArgumentException( | |
119 | 'The hash was not created here, we cannot verify it' | |
120 | ); | |
121 | } | |
122 | list ($hash, $salt) = explode(':', $hash, 2); | |
123 | $test = md5($password . $salt); | |
124 | return $test == $hash; | |
125 | } | |
126 | ||
127 | } |